Murat Erder, CTO for Financial Services at Valtech in Europe, and Eoin Woods, independent consultant in the field of software architecture, join host Giovanni Asproni to talk about Continuous Architecture—an approach to software design where architectural decisions are made and refined continuously throughout the lifecycle of a system, instead of up front in a big design phase. The show starts with a definition of Continuous Architecture and a description of the six principles underpinning it. Following that is an explanation of the main reasons and advantages of this approach, which finishes with some hints on how to get started using it. During the conversation, they explore several key points, including how to empower teams to take architectural decisions and recording those decisions; using feedback loops to refine the architecture; the role of software architects and architectural governance; the importance of focusing on quality requirements; and the impact of artificial intelligence on the field.

Brought to you by IEEE Computer Society and IEEE Software magazine.

Business Process Automation has been around a long time - what are the latest approaches? Richard talks to Ian Cooper about his work building BPA workflows in organizations - starting on paper or a whiteboard to make sense of the process before bringing tools into the equation. Ian talks about building repeatable workflows that are well-documented and source-controlled, typically through GitHub. As workflows get more complex, you'll need orchestration engines that can handle failures and provide telemetry to identify when and where things go wrong. And make sure you let users know how things are going - or they will worry!

Links

• Kafka
• Durable Functions
• GitHub Actions
• Temporal
• Pulumi
• OpenTelemetry

Recorded December 5, 2025

Known globally as DThompsonDev, Danny Thompson is a software engineer driven by a single mission: helping developers grow. He is the founder of the Commit Your Code Conference and community, leader of the Dallas Software Developers Meetup, the largest and most active dev group in North Texas, and co-host of The Programming Podcast. An expert in public speaking and AI, Danny is the author of The Developer’s Guide to AI. When he isn't on stage or coding, you can find him on the pickleball court or helping the next generation of speakers through his 'Commit Your Talk' initiative.You can find Danny on the following sites:

• Blog
• YouTube
• Bluesky
• LinkedIn
• X

Here are some links provided by Danny:

• Commit Your Code
• The Programming Podcast

PLEASE SUBSCRIBE TO THE PODCAST

• Spotify
• Apple Podcasts
• YouTube Music
• Amazon Music
• RSS Feed

You can check out more episodes of Coffee and Open Source on https://www.coffeeandopensource.com

Coffee and Open Source is hosted by Isaac Levin

Building AI apps is easy. Shipping them to production is not.

Microsoft Foundry lets developers bring powerful AI apps and agents to production in days. But managing safety, security, and compliance for each one quickly becomes the real bottleneck. Every enterprise AI project hits the same wall: security reviews, data classification, audit trails, DLP policies, retention requirements. Teams spend months building custom logging pipelines and governance systems that never quite keep up with the app itself.

There is a faster way.

Enable Purview & Ship Faster! 

Microsoft Foundry now includes native integration with Microsoft Purview. When you enable it, every AI interaction in your subscription flows into the same enterprise data governance infrastructure that already protects your Microsoft 365 and Azure data estate.

No SDK changes. No custom middleware. No separate audit system to maintain.

Here is what you get:

• Visibility within 24 hours. Data Security Posture Management (DSPM) shows you total interactions, sensitive data detected in prompts and responses, user activity across AI apps, and insider risk scoring. This dashboard exists the moment you flip the toggle.
• Automatic data classification. The same classification engine that scans your Microsoft 365 tenant now scans AI interactions. Credit card numbers, health information, SSNs, and your custom sensitive information types are all detected automatically.
• Audit logs you do not have to build. Every AI interaction is logged in the Purview unified audit log. Timestamps, user identity, the AI app involved, files accessed, sensitivity labels applied. When legal needs six months of AI interactions for an investigation, the data is already there.
• DLP policy enforcement. Configure policies that block prompts containing sensitive information before they reach the model. This uses the same DLP framework you already know.
• eDiscovery, retention, and communication compliance. Search AI interactions alongside email and Teams messages. Set retention policies by selecting "Enterprise AI apps" as the location. Detect harmful or unauthorized content in prompts.

How to Enable

Prerequisite: You need the “Azure AI Account Owner” role assigned by your Subscription Owner.

1. Open the Microsoft Foundry portal (make sure you are in the new portal)
2. Select Operate from the top navigation
3. Select Compliance in the left pane
4. Select the Security posture tab
5. Select the Azure Subscription
6. Enable the toggle next to Microsoft Purview

Repeat the above steps for other subscriptions

By enabling this toggle, data exchanged within Foundry apps and agents' starts flowing to Purview immediately. Purview reports populate within 24 hours.

What shows up in Purview?

Purview Data Security Admins:

Go to the Microsoft Purview portal, open DSPM, and follow the recommendation to setup “Secure interactions from enterprise AI apps” .

Navigate to DSPM > Discover > Apps and Agents to review and monitor the Foundry apps built in your organization

Navigate to DSPM > Activity Explorer to review the activity on a given agent/application

What About Cost?

Enabling the integration is free. Audit Standard is included for Foundry apps. You will only be charged for data security policies you setup for governing Foundry data. 

A Real-World Scenario: The Internal HR Assistant

Consider a healthcare company building an internal AI agent for HR questions.

The Old Way: The developer team spends six weeks building a custom logging solution to strip PII/PHI from prompts to meet HIPAA requirements. They have to manually demonstrate these logs to compliance before launch.

The Foundry Way: The team enables the Purview toggle.

• Detection: Purview automatically flags if an employee pastes a patient ID into the chat.
• Retention: The team selects "Enterprise AI Apps" in their retention policy, ensuring all chats are kept for the required legal period.
• Outcome: The app ships on schedule because Compliance trusts the controls are inherited, not bolted on.

Takeaway

Microsoft Purview DSPM is a gamechanger for organizations looking to adopt AI responsibly. By integrating with Microsoft Foundry, it provides a comprehensive framework to discover, protect, and govern AI interactions ensuring compliance, reducing risk, and enabling secure innovation.

We built this integration because teams kept spending months on compliance controls that already exist in Microsoft's stack.

The toggle is there. The capabilities are real. Your security team already trusts Purview. Your compliance team already knows the tools.

Enable it. Ship your agent. Let the infrastructure do what infrastructure does best: work in the background while you focus on what your application does.

Additional Resources

Documentation: Use Microsoft Purview to manage data security & compliance for Microsoft Foundry | Microsoft Learn